Virus and Spyware Removal Guides, uninstall instructions

What is "Orders Payment Swift Telex Copies"?

After analyzing this email, we came to the conclusion that it is a fraudulent email masquerading as a notification from Microsoft. It is a phishing email that aims to entice recipients to access a fake website and disclose their personal information. Therefore, recipients should disregard this email.

What is eBook Search?

Our researchers discovered the eBook Search browser extension while investigating deceptive websites. This piece of software is presented as a tool for easy access to ebooks. However, our analysis of eBook Search revealed that it is a browser hijacker and endorses the sear.ebooksearchnow.com fake search engine.

What is CovidDash?

During a routine investigation of suspicious websites, our research team discovered a malicious setup promoting the CovidDash (full title "CovidDash at Johns Hopkins University") browser extension. It is endorsed as a tool for easy access to information relating to the COVID-19 pandemic.

After inspecting this piece of software, we determined that it operates as a browser hijacker and causes redirects to the coviddashboard.extjourney.com fake search engine.

It is pertinent to mention that the installer also promoted the "Abnormal Network Traffic On This Device" scam.

What kind of email is "Purchase Confirmation"?

After inspecting the "Purchase Confirmation" email, we determined that it is spam. This letter is presented as a message regarding purchase confirmation. It supposedly contains relevant documentation; however, when the provided link is followed – it redirects to a phishing website that targets email account log-in credentials.

What kind of scam is "Abnormal Network Traffic On This Device"?

While inspecting suspicious websites, our research team discovered a malicious setup promoting the "Abnormal Network Traffic On This Device" scam. It is noteworthy that the installer also endorsed the CovidDash browser hijacker, as well as a bunch of other questionable applications.

After we executed the malicious file, it displayed a pop-up window. The message therein was disguised as an alert from Microsoft. The fake warning stated that due to suspicious network traffic, the user's device had been blocked from the network. The goal of this scam pop-up is to trick victims into visiting a phishing website.

What is Simple tabs manager?

Simple tabs manager is a browser extension that we discovered while investigating untrustworthy sites. It is presented as a tool for managing browser tabs. However, our analysis revealed that Simple tabs manager operates as advertising-supported software (adware).

What is DAAM botnet?

DAAM is an Android botnet utilized to gain unauthorized access to targeted devices since 2021. Cybercriminals employ it to conduct various malicious operations. With the DAAM Android botnet, threat actors can bind harmful code with a genuine application using its APK binding service.

What is Cloud Weather?

While investigating suspicious sites, our researchers discovered the Cloud Weather browser extension. It is promoted as a quick access tool to cloudy/sunny weather forecasts.

Our analysis of this extension revealed that it operates as a browser hijacker. In other words, Cloud Weather modifies browser settings in order to cause redirects to the search.cloudweatherext.com fake search engine.

What kind of application is Webb Telescope - New Tab?

After examining the Webb Telescope - New Tab application, we have determined that it is a browser extension designed to take control of web browsers (hijack them). By modifying browser settings, the extension imposes a fake search engine (webbtelescopenewtab.com) on users. Furthermore, Webb Telescope - New Tab has the capability to read specific data.

What is "Economic Devastation Recovery Relief"?

We have examined this letter and determined that it is a scam email that aims to trick recipients into believing that they have been awarded a large sum of money. This is a common phishing scam, and recipients should not respond to such emails or provide any personal information.